GMorgan wrote:Will that second option keep the script running as root or will all subsequent commands be run as fred. Personally I'd prefer to avoid NOPASSWDing it.

If you omit the NOPASSWD: bit from the entry in /etc/sudoers then when your script does a 'sudo command' you'd need to enter the password of the account running the script (not the root password), however any subsequent sudo commands within X minutes will remember that you've authenticated yourself and won't ask for the password again (I can't remember what X is though!).

If you were to use the NOPASSWD: field as in my example that would allow user fred to only run the two commands listed without providing a password.

Another trick you can do if you want user fred to run something as bert without knowing bert's password is as fred do